CN106453388B - The method and device of Website login - Google Patents

The method and device of Website login Download PDF

Info

Publication number
CN106453388B
CN106453388B CN201610992666.9A CN201610992666A CN106453388B CN 106453388 B CN106453388 B CN 106453388B CN 201610992666 A CN201610992666 A CN 201610992666A CN 106453388 B CN106453388 B CN 106453388B
Authority
CN
China
Prior art keywords
website
website login
user
basic input
output system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610992666.9A
Other languages
Chinese (zh)
Other versions
CN106453388A (en
Inventor
吴彦君
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lenovo Kaitian Technology Co Ltd
Original Assignee
Hefei Lianbao Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hefei Lianbao Information Technology Co Ltd filed Critical Hefei Lianbao Information Technology Co Ltd
Priority to CN201610992666.9A priority Critical patent/CN106453388B/en
Publication of CN106453388A publication Critical patent/CN106453388A/en
Application granted granted Critical
Publication of CN106453388B publication Critical patent/CN106453388B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a kind of method and devices of Website login, which comprises the website login information of requested Website login whether is stored in verifying basic input/output system memory;If storage, the website is logged according to the website login information stored;If not stored, the first system management interrupt is triggered, logs in the website.The technical solution of the embodiment of the present invention is in Website login, whether the website login information of requested Website login is stored in verifying basic input/output system memory, if storage, the website is then logged according to the website login information stored, if not stored, then trigger the first system management interrupt (SMI), the technical program instructs to be managed password using the first system management interrupt, rather than by the way of software, to avoid software unloading after can not know password the technical issues of.

Description

The method and device of Website login
Technical field
The present invention relates to field of communication technology, in particular to a kind of method and device of Website login.
Background technique
With the development of internet technology, more and more businessmans provide online service for user, lead to user It crosses and is operated on the net, be just able to satisfy every demand.User is when logging in these websites, for example, logging in portal website, shopping website When with the websites such as China Mobile Service Hall, it usually needs input the account and password of the website, Cai Nengdeng in the homepage of these websites Record.This requires user remembers the account and password of different web sites, if the account number cipher of all websites is all arranged to one The password of sample, and can be easy to be stolen by others, it causes damages.
In the prior art, code management device is used for usersmanaging passwords, but code management device once unloads, user The account and password that will be unable to obtain website, so that it cannot Website login or resetting password.
Summary of the invention
In view of this, the purpose of the embodiment of the present invention is that providing a kind of Website login for carrying out website Password Management for user Method and device.
To achieve the goals above, the embodiment of the invention provides a kind of methods of Website login, comprising:
Whether the website login information of requested Website login is stored in verifying basic input/output system memory;
If storage, the website is logged according to the website login information stored;
If not stored, the first system management interrupt is triggered, logs in the website.
Preferably, triggering the first system management interrupt, comprising:
The website login information is recorded, and the website login information is stored to the basic input output system and is deposited Reservoir.
Preferably, the method also includes:
When terminating to log in the website, the website login information stored in device is updated storage.
Preferably, the website login information includes the corresponding account in the website and password, updates storage in device and deposit The log-on message of the website of storage, comprising:
The corresponding password in the website is regenerated using hash algorithm, and by the password storage described substantially defeated Enter in output system memory.
Preferably, before the website login information for whether storing requested Website login in verifying memory, the side Method further include:
Whether verifying user has the permission for obtaining data in the basic input/output system memory;
If so, the server address of the wanted Website login of user is obtained, to log in the website;
If no, triggering second system management interrupt, allows the user to obtain the basic input output system and deposit Data in reservoir.
Preferably, triggering second system management interrupt, comprising:
The permission for obtaining data in the basic input/output system memory is distributed for the user.
The embodiment of the present invention also provides a kind of device of Website login, comprising:
First authentication module is configured to whether store requested Website login in verifying basic input/output system memory Website login information;
Website log module is configured to when the website of the requested Website login of storage in basic input/output system memory When log-on message, the website is logged according to the website login information stored;
First execution module is configured to as when Website login is requested in storage no in basic input/output system memory Website login information when, trigger the first system management interrupt.
Preferably, first execution module is specifically used for:
The website login information is recorded, and the website login information is stored to the basic input output system and is deposited Reservoir.
Preferably, described device further include:
Second authentication module, is configured to whether verifying user has number in the acquisition basic input/output system memory According to permission;
Module is obtained, is configured to that there is the permission for obtaining data in the basic input/output system memory as user When, the server address of the wanted Website login of user is obtained, to log in the website;
Second execution module is configured to obtain data in the basic input/output system memory when user does not have When permission, second system management interrupt is triggered.
Preferably, second execution module, is specifically used for:
The permission for obtaining data in the basic input/output system memory is distributed for the user.
Compared with prior art, the embodiment of the present invention has the advantages that the technical solution of the embodiment of the present invention exists When Website login, the website login information that requested Website login whether is stored in basic input/output system memory is verified, If storage, the website is logged according to the website login information stored and triggers the first system management interrupt if not stored (SMI), the technical program is instructed using the first system management interrupt to be managed to password, rather than by the way of software, The technical issues of to avoid that can not know password after software unloading.
Detailed description of the invention
Fig. 1 is the flow chart of the embodiment one of the method for Website login of the invention;
Fig. 2 is the flow chart of the embodiment two of the method for Website login of the invention;
Fig. 3 is the flow chart of the embodiment three of the method for Website login of the invention;
Fig. 4 is the schematic diagram of the embodiment one of the device of Website login of the invention;
Fig. 5 is the schematic diagram of the embodiment two of the device of Website login of the invention.
Specific embodiment
With reference to the accompanying drawings and examples, specific embodiments of the present invention will be described in further detail.Implement below Example is not intended to limit the scope of the invention for illustrating the present invention.
Fig. 1 is the flow chart of the embodiment one of the method for Website login of the invention, as shown in Figure 1, the present embodiment is stepped on The method for recording website, can specifically include following steps:
S101, verify basic input output system (Basic Input/Output System, BIOS) memory in whether Store the website login information of requested Website login;If storage, thens follow the steps S102;Otherwise, S103 is thened follow the steps.
Specifically, the executing subject of the present embodiment is embedded controller (Embed Controller, EC).User makes When with terminal Website login, EC obtains the data of user's input, and when user's input is when being website or linking, EC passes through touching SMI is sent out to verify whether store website login information in BIOS memory, website login information generally includes corresponding with the website Account and password.For example, user, which needs to log in business hall on mobile network, handles mobile phone business, user can be stepped on by computer Business hall website on mobile network is recorded, the account of the website is user mobile phone number, if logged website in advance, BIOS storage The account of this website, the i.e. cell-phone number and password of user are previously stored in device, then user does not need input account and password, i.e., It can the automated log on website.
Terminal may include the terminals such as computer, tablet computer, smart phone.
S102, according to the website login information Website login stored.
Specifically, if being stored with website login information, EC can directly acquire the website login information, Website login.
S103 is triggered the first system management interrupt (System Management Interrupt, SMI), Website login.
Specifically, the first system management interrupt SMI is a kind of hardware interrupts, and central processing unit (CPU) is entered by SMI System break mode.Break under mode in systems, the software under all operating systems is only capable of passing through base all by power out of hand This input and output code operates, and guarantees safety in this way.The present embodiment triggers SMI by EC, then passes through BIOS's again Code carrys out administrative login information, is a kind of in such a way that hardware is managed password, rather than software is used to carry out password Management, in this way can be to avoid that can not know password after software unloads the technical issues of.
Whether the technical solution of the embodiment of the present invention is verified and is deposited in basic input/output system memory in Website login The website login information of requested Website login is stored up, if storage, according to the website login information Website login stored, if not Storage, then trigger the first system management interrupt (SMI), the technical program using the first system management interrupt instruction come to password into Row management, rather than using software by the way of, the technical issues of can not knowing password after unloading to avoid software.
Fig. 2 is the flow chart of the embodiment two of the method for Website login of the invention, the side of the Website login of the present embodiment Method on the basis of the above embodiment 1, further introduces technical solution of the present invention in further detail.As shown in Fig. 2, this reality The method for applying the Website login of example, can specifically include following steps:
S201 verifies the website log letter that requested Website login whether is stored in basic input/output system memory Breath, if storage, thens follow the steps S202;Otherwise, S203 is thened follow the steps.
Specifically, the executing subject of the present embodiment is EC.For user in using terminal Website login, EC obtains user's input Data, when user's input be website or link when, whether EC is deposited by triggering SMI to verify in BIOS memory Website login information is stored up, website login information generally includes account corresponding with the website and password.For example, user needs to log in Mobile phone business is handled in business hall on mobile network, and user can log in business hall website on mobile network by computer, the website Account is user mobile phone number, if logged website in advance, the account of this website is previously stored in BIOS memory, i.e., The cell-phone number and password of user, then user does not need input account and password, can the automated log on website.
Terminal may include the terminals such as computer, tablet computer, smart phone.
S202, if storage, according to the website login information Website login stored.
Specifically, if being stored with website login information, EC can directly acquire the website login information, Website login.
S203 records website login information, and website login information is stored to basic input/output system memory, steps on Record website.
Specifically, if the not stored website login information of BIOS memory, need user that can voluntarily input the account of the website Number and password, to log in the website.While logging in the website, EC triggers SMI instruction, and the website for obtaining the website automatically is stepped on Information is recorded, while distributing memory block in BIOS memory to store website login information.
S204 updates storage the website login information stored in device when terminating Website login.
Further, to guarantee network security, the present embodiment can automatically update memory after user terminates Website login The website login information of middle storage.After terminating Website login every time, website login information can all update user in this way, to avoid Other people steal website login information, ensure information security.Step S204 includes:
The corresponding password in website is regenerated using hash algorithm, and password storage is deposited in basic input output system In reservoir.
The present embodiment uses hash algorithm in the prior art, and those skilled in the art should be available to hash algorithm Application method, details are not described herein.
The technical solution of the embodiment of the present invention can automatically update website login information when terminating Website login every time, with Guarantee the information security of user.
Fig. 3 is the flow chart of the embodiment three of the method for Website login of the invention, the side of the Website login of the present embodiment Method on the basis of the above embodiment 1, further introduces technical solution of the present invention in further detail.As shown in figure 3, this reality The method for applying the Website login of example, can specifically include following steps:
S301, verifies whether user has the permission for obtaining data in basic input/output system memory;If so, then holding Row step S302;Otherwise, step S306 is executed.
It specifically, is the execution convenient for a upper process, the present embodiment in the specific implementation, can be installed at the terminal in advance Application program (Application, APP), and APP can be logged in, process as illustrated in fig. 1 and 2 is executed by APP, this Just user operates sample prescription.
S302 obtains the server address of the wanted Website login of user, with Website login.
Specifically, after user logs in APP, according to the request of user, the server that user wants the website logged in is obtained Address.For example, user wants to log in business hall on mobile network, then the server address of mobile operator is obtained, to log in movement Online business hall website.
S303 verifies the website log letter that requested Website login whether is stored in basic input/output system memory Breath;If storage, thens follow the steps S304;Otherwise, step S305 is executed.
Specifically, for user in using terminal Website login, EC obtains the data of user's input, and what it is when user's input is net When network address of standing or link, EC verified in BIOS memory by triggering SMI whether storage website login information, website log Information generally includes account corresponding with the website and password.For example, user, which needs to log in business hall on mobile network, handles mobile phone Business, user can log in business hall website on mobile network by computer, and the account of the website is user mobile phone number, if thing First logged website, then be previously stored with the account of this website, the i.e. cell-phone number and password of user, then use in BIOS memory Family does not need input account and password, can the automated log on website
S304, if storage, according to the website login information Website login stored.
Specifically, if being stored with website login information, EC can directly acquire the website login information, Website login.
S305 triggers the first system management interrupt if not stored.
Specifically, the first system management interrupt SMI is a kind of hardware interrupts, and central processing unit (CPU) is entered by SMI System break mode.Break under mode in systems, the software under all operating systems is only capable of passing through base all by power out of hand This input and output code operates, and guarantees safety in this way.The present embodiment by EC trigger SMI instruction, by SMI agreement come Website login information is managed, rather than uses software, such as code management device to be managed to password, can be kept away in this way Exempt from the technical issues of can not knowing password after software unloads.
S306 triggers second system management interrupt, allows the user to obtain the basic input/output system memory In data.
In step S306, second system management interrupt is triggered, i.e., according to SMI agreement, executes SMI instruction, specifically holds Row includes: that the permission for obtaining data in basic input/output system memory is distributed for user.That is, logging in the APP's for user Account and password, in order to which user logs in this APP, to be operated.
The technical solution of the embodiment of the present invention provides APP for user, in order to which user facilitates operation in Website login.
Fig. 4 is the schematic diagram of the embodiment one of the device of Website login of the invention, as shown in figure 4, the present embodiment is stepped on The device for recording website, can specifically include 41 website log module 42 of the first authentication module and the first execution module 43.
Whether the first authentication module 41 is configured to store in verifying basic input/output system memory and requests to log in net The website login information stood;
Website log module 42 is configured to the net when the requested Website login of storage in basic input/output system memory When log-on message of standing, according to the website login information Website login stored;
First execution module 43 is configured to store requested Website login when no in basic input/output system memory Website login information when, trigger the first system management interrupt.
The device of the Website login of the present embodiment is managed with Website login website password by using above-mentioned module Realization mechanism it is identical as the realization mechanism of the method for the Website login of above-mentioned embodiment illustrated in fig. 1, can refer in detail above-mentioned The record of embodiment illustrated in fig. 1, details are not described herein.
Fig. 5 is the schematic diagram of the embodiment two of the device of Website login of the invention, the dress of the Website login of the present embodiment It sets on the basis of embodiment as shown in Figure 4, introduces technical solution of the present invention in further detail.As shown in figure 5, this implementation The device of the Website login of example, can further include:
First execution module 43 is specifically used for:
Website login information is recorded, and website login information is stored to basic input/output system memory.
The device further include:
Second authentication module 51, is configured to whether verifying user has data in acquisition basic input/output system memory Permission;
Module 52 is obtained, is configured to when user has and obtains the permission of data in basic input/output system memory, The server address of the wanted Website login of user is obtained, with Website login;
Second execution module 53 is configured to do not have the power for obtaining data in basic input/output system memory as user In limited time, second system management interrupt is triggered, allows the user to obtain the data in the basic input/output system memory.
Further, the second execution module 53, is specifically used for:
The permission for obtaining data in basic input/output system memory is distributed for user.
The device of the Website login of the present embodiment is managed with Website login website password by using above-mentioned module Realization mechanism it is identical as the realization mechanism of the method for the Website login of above-mentioned embodiment illustrated in fig. 3, can refer in detail above-mentioned The record of embodiment illustrated in fig. 3, details are not described herein.
Above embodiments are only exemplary embodiment of the present invention, are not used in the limitation present invention, protection scope of the present invention It is defined by the claims.Those skilled in the art can within the spirit and scope of the present invention make respectively the present invention Kind modification or equivalent replacement, this modification or equivalent replacement also should be regarded as being within the scope of the present invention.

Claims (10)

1. a kind of method of Website login characterized by comprising
Whether the website login information of requested Website login is stored in verifying basic input/output system memory;
If storage, the website is logged according to the website login information stored;
If not stored, the first system management interrupt is triggered, according to the account and password of the website that user voluntarily inputs, logs in institute State website.
2. the method according to claim 1, wherein triggering the first system management interrupt, comprising:
The website login information is recorded, and the website login information is stored to the basic input output system and is stored Device.
3. the method according to claim 1, wherein the method also includes:
When terminating to log in the website, the website login information stored in device is updated storage.
4. according to the method described in claim 3, it is characterized in that, the website login information includes the corresponding account in the website Number and password, update storage the log-on message of the website stored in device, comprising:
Regenerate the corresponding password in the website using hash algorithm, and by the password storage it is described input substantially it is defeated Out in system storage.
5. the method according to claim 1, wherein whether storing requested Website login in verifying memory Before website login information, the method also includes:
Whether verifying user has the permission for obtaining data in the basic input/output system memory;
If so, the server address of the wanted Website login of user is obtained, to log in the website;
If no, triggering second system management interrupt, allow the user to obtain the basic input/output system memory In data.
6. according to the method described in claim 5, it is characterized in that, triggering second system management interrupt, comprising:
The permission for obtaining data in the basic input/output system memory is distributed for the user.
7. a kind of device of Website login characterized by comprising
First authentication module is configured to whether store the net of requested Website login in verifying basic input/output system memory It stands log-on message;
Website log module is configured to the website log when the requested Website login of storage in basic input/output system memory When information, the website is logged according to the website login information stored;
First execution module, be configured to by when do not have in basic input/output system memory storage request Website login net When log-on message of standing, the first system management interrupt is triggered;According to the account and password of the website that user voluntarily inputs, net is logged in It stands.
8. device according to claim 7, which is characterized in that first execution module is specifically used for:
The website login information is recorded, and the website login information is stored to the basic input output system and is stored Device.
9. device according to claim 7, which is characterized in that described device further include:
Second authentication module, is configured to whether verifying user has data in the acquisition basic input/output system memory Permission;
Module is obtained, is configured to obtain when user has and obtains the permission of data in the basic input/output system memory The server address of the wanted Website login in family is taken, to log in the website;
Second execution module is configured to do not have the permission for obtaining data in the basic input/output system memory as user When, trigger second system management interrupt.
10. device according to claim 9, which is characterized in that second execution module is specifically used for:
The permission for obtaining data in the basic input/output system memory is distributed for the user.
CN201610992666.9A 2016-11-10 2016-11-10 The method and device of Website login Active CN106453388B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610992666.9A CN106453388B (en) 2016-11-10 2016-11-10 The method and device of Website login

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610992666.9A CN106453388B (en) 2016-11-10 2016-11-10 The method and device of Website login

Publications (2)

Publication Number Publication Date
CN106453388A CN106453388A (en) 2017-02-22
CN106453388B true CN106453388B (en) 2019-12-03

Family

ID=58206981

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610992666.9A Active CN106453388B (en) 2016-11-10 2016-11-10 The method and device of Website login

Country Status (1)

Country Link
CN (1) CN106453388B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114666164B (en) * 2022-05-19 2022-10-25 南通环典计算机技术有限公司 Computer network user identity login verification system and method

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6889251B1 (en) * 2000-08-14 2005-05-03 Phoenix Technologies Ltd. Computer systems and methods employing thin-client internet launching mechanisms
CN101340281B (en) * 2007-07-02 2010-12-22 联想(北京)有限公司 Method and system for safe login input on network
CN102291456A (en) * 2011-08-11 2011-12-21 Tcl集团股份有限公司 account number management method, device and system
CN102999733B (en) * 2012-11-30 2017-10-27 北京奇虎科技有限公司 A kind of method and apparatus that website login information is preserved in browser
CN103200246B (en) * 2013-03-21 2016-01-13 东信和平科技股份有限公司 A kind of method for network access control based on trust computing and system
CN103414824B (en) * 2013-08-14 2015-10-28 惠州Tcl移动通信有限公司 A kind of automatic login process method based on mobile terminal and system
CN105989273B (en) * 2015-02-13 2019-06-25 联想(上海)信息技术有限公司 Application program login method, device and electronic equipment

Also Published As

Publication number Publication date
CN106453388A (en) 2017-02-22

Similar Documents

Publication Publication Date Title
US10735196B2 (en) Password-less authentication for access management
US11190513B2 (en) Gateway enrollment for internet of things device management
JP6563134B2 (en) Certificate renewal and deployment
JP2022078093A (en) Distributed, decentralized data aggregation
EP3391616B1 (en) Device management with tunneling
JP6887421B2 (en) Establishing reliability between containers
US10887307B1 (en) Systems and methods for identifying users
US20170331818A1 (en) Systems and methods for location-restricting one-time passcodes
US9560523B2 (en) Mobile device authentication
CN106341381A (en) Method and system of key management for rack server system
JP2016517057A (en) One-touch device personalization
US8190757B1 (en) Systems and methods for automatically binding client-side applications with backend services
CN104320389A (en) Fusion identify protection system and fusion identify protection method based on cloud computing
US11080385B1 (en) Systems and methods for enabling multi-factor authentication for seamless website logins
EP3884405B1 (en) Secure count in cloud computing networks
CN113505354B (en) Data processing method, device and storage medium
CN103188241A (en) User account management method based on mobile intelligent terminal number
US11349825B1 (en) Secured automatic user log-in at website via personal electronic device
WO2019006595A1 (en) Control method and apparatus, and electronic device
US10567962B1 (en) Systems and methods for connecting internet-connected devices to wireless access points
US10114939B1 (en) Systems and methods for secure communications between devices
TW201335777A (en) Distributed data storing and accessing system and method
CN110008669A (en) A kind of platform login method, system, device, terminal device and storage medium
CN106453388B (en) The method and device of Website login
CN108494749A (en) Method, apparatus, equipment and the computer readable storage medium of IP address disabling

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20201218

Address after: 601-g6-1, 6th floor, building 2, No. 6, Shangdi West Road, Haidian District, Beijing 100085

Patentee after: Lenovo Kaitian Technology Co., Ltd

Address before: 230601 418, 4 building, Hai Heng mansion 6, Cui Wei Road, Hefei economic and Technological Development Zone, Anhui

Patentee before: HEFEI LCFC INFORMATION TECHNOLOGY Co.,Ltd.

TR01 Transfer of patent right